Tag: Gulp Users

Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users
News

Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users

Researchers studying cybersecurity have discovered a new dubious package that was submitted to the npm package registry and is intended to infect targeted systems with a remote access trojan (RAT). The package in question is called glup-debugger-log, and it poses as a "logger for gulp and gulp plugins" in order to target users of the gulp toolkit. Thus far, 175 downloads have been made of it. The software supply chain security company Phylum, which found the package, said that two obfuscated files included in the software work together to deliver the dangerous payload. One served as a kind of first dropper, infiltrating the target computer if it fulfilled specific criteria, therefore laying the groundwork for the malware campaign read more Researchers Uncover RAT-Dropping npm Pac...